Tech Off Thread

1 post

Forum Read Only

This forum has been made read only by the site admins. No new threads or comments can be added.

Portal implementation with Webservices and ASP.NET 2.0

Back to Forum: Tech Off
  • User profile image
    Jeroen​Oostewechel

    I have a few questions about te portal i am designing and building
    on the image below, you can see the concept i have in mind.

    http://members.home.nl/oostewechel/ConceptualModelPortal.jpg

    The concept involves 2 webservers one for presentation(the one in the DMZ) and one in our local lan wich is doing all the processing work.

    I would like to authenticate users with forms authentication, and flow their username and password to the backend webservices where they will be validated at one of our domains. Without using Impersonation for performance reasons (and the DMZ webserver isn't also in any Domain)

    I did some research for Iprincipal, wich could work very nice for us i thought up a concept wich flows back the iprincipal back to our presentation webserver where whe then return the formsauthentication cookie to the client. And store the Principal in the session for the user, so that on subsequent requests the principal can be used.

    The problem we have is that we don't want to store the user password on the DMZ webserver and preferrably also not on our LAN webserver.

    We would also like to use AZMAN with the iprincipal for a more finegrained authorisation structure.

    For securing the webservices we have looked at the WSE 3.0 security features but i haven't seen any implementation with Iprincipal for authenticating and authorizing users.

    For webservices it is possible to use a security token service (STS) but i think that makes the solution too complex.

    Can anyone give us advice to make this implementation work?
    I have looked at most sites covering the components we would like to use, but a implementation like the one we thought up i can't find.

Conversation locked

This conversation has been locked by the site admins. No new comments can be made.